PRIVACY POLICY

The Face Clinic Bristol is committed to protecting your privacy and handling your personal data transparently, securely and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how we collect, use, store and protect your personal data when you contact us, book an appointment, attend a consultation or receive treatment.

1. Who We Are

Data Controller: The Face Clinic Bristol
Business Type: Aesthetic & skin clinic
Contact Email: contact@thefaceclinicbristol.com

We are the data controller responsible for your personal information.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

a) Personal & Contact Information

Full name
Date of birth
Address
Email address
Telephone number

b) Medical & Health Information (Special Category Data)

Medical history
Allergies
Medications
Pregnancy/breastfeeding status
Treatment suitability information
Consultation notes

c) Treatment Records

Details of treatments received
Products used
Dosages (where applicable)
Before-and-after photographs

d) Payment Information

Deposit and payment records
(We do not store full card details.)

e) Communication Data

Emails, messages and telephone correspondence
Appointment booking records

3. Special Category (Health) Data

Medical and health information is classified as special category data under UK GDPR.

We process this data because it is:

Necessary for medical assessment and treatment
Required for client safety
Needed to meet legal, regulatory and insurance obligations

This data is handled with the highest level of confidentiality and security.

4. How We Use Your Data

We use your personal data to:

Book and manage appointments
Carry out consultations and treatments safely
Assess treatment suitability
Maintain accurate medical records
Communicate with you about your care
Arrange prescriber consultations where required
Process payments and deposits
Meet legal, regulatory and insurance requirements
Respond to complaints or queries

We will never sell your data to third parties.

5. Lawful Basis for Processing

We process your personal data under the following lawful bases:

Consent – for consultations, treatments, photographs and marketing (where applicable)
Contract – to provide services you have booked
Legal obligation – to meet healthcare, insurance and regulatory requirements
Vital interests – where necessary for health and safety
Legitimate interests – for clinic administration and record keeping

You may withdraw consent at any time where consent is the lawful basis.

6. Photographs & Marketing

Clinical photographs are taken for medical records and treatment monitoring.
Separate, explicit written consent is required for any photographs used for marketing, social media or promotional purposes.
You may withdraw marketing consent at any time.

7. Data Sharing

We may share your data only when necessary with:

Prescribing clinicians (for anti-wrinkle treatments)
Medical indemnity or insurance providers
Regulatory bodies if legally required
IT systems used for secure booking, record keeping or payment processing

All third parties are required to comply with UK GDPR and maintain appropriate security measures.

8. Data Storage & Security

We take appropriate technical and organisational measures to protect your data, including:

Secure digital systems with password protection
Encrypted storage where applicable
Restricted access to authorised personnel only
Secure storage of paper records

9. Data Retention

We retain your data only for as long as necessary:

Medical and treatment records are retained in line with professional, insurance and legal requirements (typically 7–8 years).
Marketing data is retained until consent is withdrawn.
Financial records are retained in accordance with HMRC requirements.

10. Your Rights Under UK GDPR

You have the right to:

Access your personal data
Request correction of inaccurate data
Request erasure (where applicable)
Restrict or object to processing
Data portability
Withdraw consent at any time
Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, please contact us using the details above.

11. Cookies & Website Data

If you visit our website or social media pages, cookies or analytics tools may be used. Please refer to our website cookie notice for further details.

12. Complaints

If you have concerns about how your data is handled, please contact us first so we can resolve the issue.

You also have the right to complain to:

Information Commissioner’s Office (ICO)
www.ico.org.uk

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The most current version will always apply and be available upon request.

By engaging with The Face Clinic Bristol, you acknowledge that you have read and understood this Privacy Policy.

COOKIE NOTICE

This Cookie Notice explains how The Face Clinic Bristol uses cookies and similar technologies on our website.

1. What Are Cookies?

Cookies are small text files that are placed on your device (computer, tablet or mobile phone) when you visit a website. They help websites function properly, improve user experience and provide information to website owners.

2. Types of Cookies We Use

a) Strictly Necessary Cookies

These cookies are essential for the website to function correctly. They enable core features such as page navigation and access to secure areas of the website.

These cookies do not store personally identifiable information
They cannot be switched off in our systems

b) Functional Cookies

Functional cookies allow the website to remember choices you make (such as preferences) to provide enhanced and more personalised features.

c) Analytical / Performance Cookies

These cookies help us understand how visitors use our website by collecting information anonymously, such as:

Pages visited
Time spent on the site
Error messages

This helps us improve website performance and user experience.

Examples may include Google Analytics or similar tools.

d) Marketing & Social Media Cookies

These cookies may be set by social media platforms or third-party advertising services to:

Track engagement
Show relevant content or advertisements
Measure the effectiveness of marketing campaigns

These cookies are only used if you provide consent.

3. How We Use Cookies

We use cookies to:

Ensure the website functions properly
Improve website performance
Analyse website traffic
Support marketing and social media features (where applicable)

4. Consent

When you visit our website for the first time, you will be presented with a cookie banner allowing you to:

Accept all cookies
Reject non-essential cookies
Manage your cookie preferences

You can change or withdraw your consent at any time.

5. Managing Cookies

You can control and manage cookies in the following ways:

Adjust your browser settings to block or delete cookies
Use cookie preference tools provided on our website

Please note that disabling certain cookies may affect website functionality.

6. Third-Party Cookies

Some cookies are set by third-party services that appear on our website, such as:

Analytics providers
Social media platforms
Booking or payment systems

We do not control these cookies. Please refer to the relevant third party’s privacy and cookie policies for more information.

7. Updates to This Cookie Notice

We may update this Cookie Notice from time to time to reflect changes in technology, law or how we use cookies. The most current version will always apply.

8. Contact Us

If you have any questions about our use of cookies, please contact:

The Face Clinic Bristol
Email: contact@thefaceclinicbristol.com

By continuing to use our website, you acknowledge that you have read and understood this Cookie Notice.